710 matches found
PHP PostgreSQL Extension Denial of Service Vulnerability
PHP is a popular programming language. The build_tablename function in pgsql.c in the PHP PostgreSQL extension fails to properly verify table name tokens, allowing remote attackers to exploit the vulnerability to conduct denial of service attacks via specially crafted table names...
PHP process_nested_data function memory misreference vulnerability
PHP is a popular programming language. A memory misreference vulnerability in the process_nested_data function in PHP ext/standard/var_unserializer.re allows remote attackers to execute arbitrary code using special unserialized calls...
PHP move_uploaded_file implementation securely bypasses file creation vulnerability
PHP is a popular programming language. The move_uploaded_file implementation in PHP ext/standard/basic_functions.c fails to properly handle the \x00 character in pathnames, allowing remote attackers to bypass extension limits and create files using special parameters...
DSA-3198-2 php5 - regression update
Bulletin has no description...
PHP '/ext/enchant/enchant.c' heap buffer overflow vulnerability
PHP is a general purpose open source scripting language. PHP suffers from a heap buffer overflow vulnerability in the implementation of /ext/enchant/enchant.c, which can be exploited by an attacker to execute arbitrary code in an affected context...
Unspecified Vulnerability in PHP wdsl Extension
PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions written in C and C++, and so on. An...
PHP 'regcomp.c' Null Pointer Denial of Service Vulnerability
PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. A null pointer denial of service vulnerability exists in PHP 'regcomp.c', which can be exploited by an attacker to crash an affected application and deny servi...
UBUNTU-CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...
PMB 4.1.3 - (Authenticated) SQL Injection
Exploit Title: PMB = 4.1.3 Post-Auth SQL Injection Vulnerability Google Dork: inurl:opaccss Date: 25-12-2014 Exploit Author: XD4rker Ismail Belkacim Email: xd4rkeratgmail.com Twitter: @xd4rker Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files...
WordPress 3.0-3.92 stored XSS vulnerability analysis&POC-vulnerability warning-the black bar safety net
Overview: WordPress is a blogging platform developed in PHP; users can set up their own website on a server that supports PHP and a MySQL database. WordPress can also be used as a CMS. Recently WordPress less than 3.92 Version...
php: integer overflow in unserialize()
An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize function could cause a PHP application to crash...
php: type confusion issue in phpinfo() leading to information leak
A type confusion issue was found in PHP's phpinfo function. A malicious script author could possibly use this flaw to disclose certain portions of server memory...
callback nightmare: parsing of the famous CMS frameworks Drupal SQL injection vulnerability-vulnerability warning-the black bar safety net
Drupal is an open source content management framework (CMF) written in PHP, made up of a CMS and a PHP development framework. It has won the world's best CMS award in consecutive years and is the most famous web application based on the PHP language. A few days before the explosion...
good/bad vote (xss/lfi) Multiple Vulnerabilities
No description provided by source.
Softbiz Jobs and Recruitment Script (search_result.php) SQL Injection Vulnerability
No description provided by source. Information: Name: Softbiz Jobs & Recruitment Script SQL INJECTION search_result.php; Author: Easy Laster; Date: 10.03.2010; Script: Softbiz Jobs & Recruitment Script; Price: 129$...
Root Exploit Western Digital's WD TV Live SMP/Hub
No description provided by source. Introduction: The WD TV Live Streaming Media Player is a consumer device to play various audio and video formats. Additionally it allows access to multiple video streaming services like Netflix, Hulu or YouTube. The device allows customization of it...
[SECURITY] Fedora 20 Update: php-5.5.13-3.fc20
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
DSA-2961-1 php5 - security update
Bulletin has no description...
UBUNTU-CVE-2014-0237
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls...
XML injection vulnerability hazard warning-vulnerability warning-the black bar safety net
Vulnerability description: Extensible Markup Language (XML) is a markup language used to mark up electronic files so that they have structure. It can be used to tag data and define data types, and allows users to define their own markup language for the definition of the source...